From owner-freebsd-questions@FreeBSD.ORG Mon Apr 14 06:59:39 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5DCC237B401 for ; Mon, 14 Apr 2003 06:59:39 -0700 (PDT) Received: from spxgate.servplex.com (ip66-105-58-82.z58-105-66.customer.algx.net [66.105.58.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id 83C8143F75 for ; Mon, 14 Apr 2003 06:59:38 -0700 (PDT) (envelope-from peter@servplex.com) Received: from peter.servplex.com ([192.168.0.10]) by spxgate.servplex.com (8.12.8/8.12.6) with ESMTP id h3EEAsxj084279; Mon, 14 Apr 2003 09:10:54 -0500 (CDT) (envelope-from peter@servplex.com) Message-Id: <5.2.0.9.2.20030414085928.01bf2458@mail.servplex.com> X-Sender: peter@mail.servplex.com X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Mon, 14 Apr 2003 08:59:48 -0500 To: John C From: Peter Elsner In-Reply-To: References: <042a01c30241$e4920350$0100a8c0@andrew> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed cc: freebsd-questions@FreeBSD.ORG Subject: Re: Configuring FreeBSD gateway/firewall? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2003 13:59:39 -0000 Silly question... Do you have gateway_enable="YES" in your rc.conf file? At 10:27 PM 4/13/2003 -0700, you wrote: >Ahh ... And I thought my first query was a bit too specific ... >Here's my original message: > >I am attempting to turn a PC into a gateway/firewall for my home network. >My ISP is Comcast ... So whatever ramifications therein, for better or >worse, apply to my predicament ... > >I've gotten both interfaces up and working, but I can't seem to get it to >switch packets from within the subnet out into the internet. The kernel is >pretty much GENERIC 4.7, except with the GATEWAY option set, plus with > >net.link.ether.bridge=1 > >In sysctl.conf > >My configuration is as follows: > >Gateway machine: "argonath" >External network interface: sis0 12.235.54.203 (netgear card, ip provided by >DHCP) >Default route: 12.235.54.129 (presumably my cable modem) >Private subnet interface: rl0 192.168.0.1 > >Secondary subnetted machine "shelob": >Interface 192.168.0.2 >Default route: 192.168.0.1 > >I can ping & ssh to "argonath" from "shelob", and can reach the internet >from argonath's rl0 ... But like I said, the gateway action isn't happening. > >One other thing I found odd is that when my secondary machine is plugged >directly into the Comcast subnet, it reports a default route of 12.235.36.1, >which seems more right, but I don't have experience enough in these matters >to say, and what documentation I've found isn't specific enough to give me a >clue about how to solve this problem ... > >Please help? > >Thanks, >John > > > >On 4/13/03 9:54 PM, "Andrew Brampton" wrote: > > > I believe there is something wrong with your configuration... > > > > Ask a vague question, and get a vague answer, ask a specific question, and > > we will give you a specific answer. Please provide as much details as you > > can when asking your question, and exactly what the problem is. > > > > Andrew > > ----- Original Message ----- > > From: "John C" > > To: > > Sent: Monday, April 14, 2003 5:24 AM > > Subject: Configuring FreeBSD gateway/firewall? > > > > > >> Hello ... I'm trying to configure a FreeBSD machine to act as a gateway > >> between my ISP network (Comcast) and my own private subnet. > >> I've followed all documentation so far for this type of configuration ... > >> > >> Pleasse help? > >> > >> -john > >> > >> _______________________________________________ > >> freebsd-questions@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > >> > > > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" ---------------------------------------------------------------------------------------------------------- Peter Elsner Vice President Of Customer Service (And System Administrator) 1835 S. Carrier Parkway Grand Prairie, Texas 75051 (972) 263-2080 - Voice (972) 263-2082 - Fax (972) 489-4838 - Cell Phone (425) 988-8061 - eFax I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin Unix IS user friendly... It's just selective about who its friends are. System Administration - It's a dirty job, but somebody said I had to do it. If you receive something that says 'Send this to everyone you know, pretend you don't know me. Standard $500/message proofreading fee applies for UCE.